Attackers can exploit this issue to execute arbitrary code within the context of an application (typically Internet Explorer) that uses the ActiveX control. Failed exploit attempts will result in a denial-of-service condition.

IBM Lotus Quickr 8.2 is vulnerable; other versions may also be affected.